Summary: Behavioral Compatibility without State Explosion: Design and Verification of a Component-based Elevator Control System
Paul C. Attie 1, David H. Lorenz 2, Aleksandra Portnova 3, and Hana Chockler 4
1 American University of Beirut, Beirut, Lebanon. pa07@aub.edu.lb
2 University of Virginia, Charlottesville, VA 22904, USA. lorenz@cs.virginia.edu
3 Northeastern University, Boston, MA 02115, USA. portnova@ccs.neu.edu
4 WPI, Worcester, MA 01609, USA. hanac@theory.csail.mit.edu
Abstract. Most methods for designing component-based systems and verifying their compatibility address only the syntactic compatibility of components; no analysis of run-time behavior is made. Those methods that do address run-time behavior suffer from state explosion: the exponential increase of the number of global states, and hence the complexity of the analysis, with the number of components. We present a method for designing component-based systems and verifying their behavioral compatibility and temporal behavior that is not susceptible to state explosion. Our method is mostly automatic, with little manual deduction required, and does not analyze a large system of connected components at once, but instead analyzes components two-at-a-time. This pair-wise approach enables the automatic verification of temporal behavior, us-